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REMARKS/ARGUMENTS 

Claims 1. 2, 4-10 stand rejected under 35 U.S.C. 102(e) as being anticipated by 
U.S. Pat, No. 6,381,639 to Thebaut et al, issued April 30, 2002, 

It is respectfully submitted that Thebaut is not applicable to the present invention 
as properly understood. The Thebaut invention describes what may be termed a classic firewall, 
where access to resources (in that case computer network elements called domains) is controlled 
by "rules" associated with the target (such as those rules used to control access to configuration 
records for network devices). The present invention as defined by claims 1 and 5 also relates to 
access to resources, specifically to access of elements within a computer system to other 
elements within the same computer system wherein there is inherent trust and control* However, 
in the present invention, the access and the target of access are based on the nature of the 
requests received at a separate entity called a master daemon. Consequently, it is the master 
daemon that selects targets. The targets do not control access by the present mechanism. 

It is believed that the fundamental misunderstanding of the differences between 
the two inventions steins from the differing uses of the term "domain" in the respective 
disclosures. In the present invention, detailed definitions of the mathematical concepts 
associated with the present use of the term "domain" have been recited (page 4, lines 13 through 
page 2 line 5), with further special types of "domains' 1 defined, such as "null domain" (page 5, 
lines 28-30), "orders of domains" (page 5, lines 31 through page 6, line 13), "subdomain" (page 6 
lines 31-34), "superdomain" (page 7, lines 4-7), and "universal domain" (page 7, lines 8-13). 
[The term "range" or an arbitrary invented word such as "dnanidref ' could be substituted for the 
term "domain" anywhere it appears in the present specification without loss of semantic import 
or departing from the spirit and scope of the invention.] 

By contrast, it appears Thebaut employs the term "domain" not in the 
mathematical sense but in the common structural sense typically associated with the environment 
of a network including the Internet, specifically as a group of actions or attributes associated with 
one or more physical network objects, which are specific devices, such as hubs, bridges, routers 
and work stations (for example as recited in the Abstract and at column 6, lines 10-1 1 of 
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Thebaut). So far as can be understood, the term "domain" as used in Thebaut is intended to be 
limited to the (topological and structural) objects to which "rules" are applied, 

By contrast, the term "domain" as used and defined by the Applicant herein refers 
to the mechanism selected to control valid actions. The respective uses of the term "domain" are 
thus nearly opposite. In fact, the Thebaut "rules" are more similar to (but structurally quite 
different from) the present use of the term "domain." 

A further example of the misinterpretation of a defined term is the Examiner's 
correlation of the term "policy driver" of Thebaut (column 1, lines 1-10; 57-67) to the "master 
daemon" of the present invention. The "policy driver" acts on a set of Thebaut-type "rules" and 
Thebaut-type "domains" to monitor and enforce "configuration policies" (column 6, lines 9-10), 
By contrast, the master daemon herein employs attributes of "requests" [not Thebaut-type rules!] 
to control access to actions. This is spelled out by the steps in the methods of the present 
invention. 

This distinction leads to a very important difference between the operation of 
Thebaut and of the present invention. In Column 4, lines 30-31, it is noted that conflicts occur 
when two rules issue two inconsistent actions, Thus a conflict resolution strategy is provided by 
Thebaut. By contrast, this condition simply cannot occur in the present invention because of the 
strict dominance principle associated with the function of the master daemon on the "domains" 
(as the term is used in the present invention). There are no such things as inconsistent actions. 

Hence, claims 2 and 5 define patentable subject matter without need for 

amendment. 

As to claims 2 and 10 and 4 and 12, the issues raised have been addressed by the 
preceding arguments. In addition, it is to be noted that the prior art teaches the use of security 
labels as part of the Thebaut-type domains, which are devices. By contrast, the security label of 
the present invention (claims 4 and 12) are part of the "domains" of the present invention, which 
are unrelated to the "domains" of Thebaut. 

As to claims 6 and 9, the foregoing arguments also apply. It is to be noted that the 
term "local" is used very differently. Thebaut uses "local" to refer to a type of computer 
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network. Herein the term "local" is used to refer to a construct internal to a central processor and 
associated with direct memory access, where there is inherent trust and control, 

While it is believed that claims 3 and 1 1 are patentable for the same reasons as 
claims 1 and 5, the applicant has also reviewed the combination of Thebaut with Lee (U.S. Pat. 
No, 5,692,180 cited under 35 U.S.C. 103 against claims 3 and 1 1 and revisited the description 
and limitations of those claims. Lee has been cited for its purported teaching of use of a master 
daemon that maintains centralized and coordinated access to subsystems of computer systems. 
While Lee teaches centralized access to subject matters, it fails to teach or suggest the teaching 
of access to the same subject matter without limitation of conditions, and most specifically (as 
now recited) to unconditional access to auditing subsystems of the operating system. There are 
no conditions placed on access in the present invention. This is now explicitly spelled out by a 
claim amendment Thus, the standard of obviousness applied to the combination of the Thebaut 
reference and the Lee reference do not address the invention as now claimed. 

Since it is well established that the inventor/applicant can be his own 
lexicographer, and since it has been shown that the prior art in no way anticipates or suggests the 
present invention, it is respectfully submitted that claims 1 and 5 and all claims dependent 
thereon define patentable subject matter clearly supported by the state of the art. 

. CONCLUSION 

In view of the foregoing. Applicant believes all claims now pending in this 
Application are in condition for allowance. The issuance of a formal Notice of Allowance at an 
early date is respectfully requested* 
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If the Examiner believes a telephone conference would expedite prosecution of 
this application, please telephone the undersigned at 650-326-2400. 



Respectfully submitted, 

Kenneth R. Alien 
Reg. No. 27,301 

TOWNSEND and TO WNSEND and CREW LLP 

Two Embarcadero Center s 8 th Floor 

San Rrancisco, California 941 1 1-3834 

Tel: (650) 326-2400 

Fax:(650)326-2422 
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